Cisco CCNP Route 642-902: BGP and BGP Configuration

BGP, or Border Gateway Protocol, is an external, dynamic routing protocol. It is most often used between ISPs and between enterprises and their service providers. BGP is literally the routing protocol of the Internet because it connects independent networks together, enabling end-to-end transport. Scalability and stability are BGP's focus, not speed; as a result it behaves very differently than most other routing protocols.

BGP is recommended whenever multihoming is a requirement (dual ISP connections to different carriers), when route path manipulation is needed, and in transit Autonomous Systems.

A Quick Overview of BGP

Routers running BGP are called BGP speakers.
BGP uses autonomous system numbers to keep track of different administrative domains. 1-64511 are public, 64512-65535 are private.
BGP is used to connect IGPs, interior gateway protocols like OSPF and EIGRP.
Routing between Autonomous Systems is referred to as interdomain routing.
The administrative distance for eBGP routes is 20, iBGP is 200.
BGP neighbors are called "peers" and must be statically assigned.
Peers receive incremental, triggered updates as well as keepalives using TCP port 179.
BGP is sometimes referred to as a "path-vector" protocol because its route to a network uses AS numbers on the path to the destination.
BGP uses its path-vector attributes to help in loop prevention. When an update leaves an AS, the AS number is prepended to the update along with all the other AS numbers that have spread the update. When a BGP router receives an update, it first scans through the list of AS numbers. If it sees its own AS number, the update is discarded.

BGP Databases

Like most modern routing protocols, BGP has two separate databases: a neighbor database and a BGP-specific database.

Neighbor Database
Lists all of the configured BGP neighbors.
Router# show ip bgp summary

BGP Database
Lists all networks known by BGP along with their attributes.
Router# show ip bgp
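The AS-path loop check described in the overview above, as an added example that is not part of the original guide. It floods one prefix around a constructed ring of four private AS numbers; the topology, the function name propagate and the "shorter path wins" shortcut are assumptions made for the illustration.

```python
from collections import deque

# Constructed topology: eBGP sessions forming a ring of four private ASNs,
# 65001 - 65002 - 65003 - 65004 - 65001.
PEERINGS = {
    65001: [65002, 65004],
    65002: [65001, 65003],
    65003: [65002, 65004],
    65004: [65003, 65001],
}

def propagate(origin_as, peerings):
    """Flood one prefix from origin_as.

    Returns (best AS path held by each AS, updates dropped by the loop check).
    """
    best = {origin_as: ()}      # the originating AS holds an empty AS path
    discarded = []              # (receiving AS, AS path it refused)
    queue = deque([(origin_as, ())])
    while queue:
        sender, path = queue.popleft()
        advertised = (sender,) + path       # sender prepends its own AS on the way out
        for receiver in peerings[sender]:
            if receiver in advertised:      # receiver sees its own AS: discard the update
                discarded.append((receiver, advertised))
                continue
            # Simplification: keep only a strictly shorter AS path (no other attributes).
            if receiver not in best or len(advertised) < len(best[receiver]):
                best[receiver] = advertised
                queue.append((receiver, advertised))
    return best, discarded

if __name__ == "__main__":
    paths, dropped = propagate(65001, PEERINGS)
    for asn, path in sorted(paths.items()):
        print(asn, "AS path:", path)
    for asn, path in dropped:
        print(asn, "discarded update with AS path", path)
```

Every discarded update is one that travelled back to an AS already listed in its own path, which is what stops the prefix from circulating around the ring.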
BGP Message Types

There are four different BGP message types.

Open
After a BGP neighbor is configured, the router sends an open message to establish peering with the neighbor.

Update
The type of message used to transfer routing information between peers.

Keepalive
BGP peers send keepalive messages every 60 seconds by default to maintain active neighbor status.

Notification
If a problem occurs and a BGP peer connection must be dropped, a notification message is sent and the session is closed.

Internal vs. External

iBGP, or internal BGP, is a peering relationship between BGP routers within the same autonomous system. eBGP, or external BGP, describes a peering relationship between BGP routers in different autonomous systems. It is an important distinction to make. In the diagram below, R1 and R2 are eBGP peers. R2 and R3 are iBGP peers.

BGP Next-Hop Self

When you have BGP neighbors peering between autonomous systems like R1 and R2 above, BGP uses the IP address of the router the update was received from as its "next hop". When a router receives an update from an eBGP neighbor, it must pass the update to its iBGP neighbors without modifying the next hop attribute.

The next-hop IP address is the IP address of the edge router belonging to the
next-hop autonomous system.

For example, let's say R1 sends an update to R2 from its 10.1.1.1 serial interface. R2 must keep the next-hop IP set as 10.1.1.1 when it passes the update along to R3, its iBGP peer. The problem is that R2 does not know about 10.1.1.1 and so it cannot use it as its next hop address.

The neighbor [IP address] next-hop-self command solves the problem by having the router advertise itself as the next-hop address. In this example, it would be applied to R2 so any updates passed along to R3 would use an R2 address as the next-hop.

R2(config)# router bgp 65300
R2(config-router)# neighbor 10.2.2.2 next-hop-self
R2(config-router)# exit

BGP's Synchronization Rule

The BGP synchronization rule states that a BGP router cannot use or forward new route updates it learns from iBGP peers unless it knows about the network from another source, like an IGP or static route.

The idea is to prevent using or forwarding on information that is unreliable and cannot be verified. Remember, BGP prefers reliability and stability over using the newest, fastest route.

This means that iBGP peers will not update each other unless an IGP is running under the hood. To remove the limitation, use the no synchronization command under BGP configuration mode. Recent versions of IOS have it disabled by default, but it is an important topic to understand.

Resetting BGP Sessions

Internet routers running BGP have enormous routing tables. When a filter is applied, like a route map, changes to BGP attributes occur. Those changes could affect many of the routes already in the routing table from BGP. Because BGP's network list is usually very long, applying a route map or prefix list after BGP has converged can be disastrous. The router would have to check the filter against every possible route and attribute combination.

To make matters worse, if it were to apply the filters and pull routes back from neighbors, those changes could then cause another reconvergence, and on and on.
In an effort to avoid that scenario (BGP loves stability), BGP will only apply attribute and network changes to routes received AFTER the filter has been applied. All existing routes stay unchanged.

If the network administrator decides that the filter needs to be applied to all routes, then the BGP instance must be reset, forcing the entire BGP table to pass through
the filter. There are three ways to do this:
Hard reset
Soft reset
Route refresh

The hard and soft reset options aren't discussed here because they are not directly relevant to the exam. You should know, though, that both options are extremely memory-taxing on the router as all the routes must be recomputed. Route refresh was developed to solve the high memory problems, while still forcing a reset.

The following command performs the BGP route refresh:
Router# clear ip bgp [* | neighbor-address]

BGP Configuration

Enabling BGP

Like other routing protocols, BGP must be enabled with the router command. Make sure to include the AS number.

R1(config)# router bgp autonomous-system-number

BGP Peering

Each neighbor must be statically assigned using the neighbor command. If the AS number matches the local router's, it is an iBGP connection. If the AS number is different, it is an eBGP connection.

R1(config-router)# neighbor ip-address remote-as autonomous-system-number

If a router has a long list of directly connected neighbors, the BGP configuration can start to get long and difficult to follow, especially as neighbor policies are applied. Peer groups solve that.

Peer groups are groups of peer neighbors that share a common update policy. Updating an entire group of neighbor statements can then be done with one command, which is much easier for large BGP networks. Think of a peer group as a logical grouping of routers that are grouped under a single name to make changes faster and configurations shorter. Like OUs in Active Directory.

Peer groups not only reduce the number of lines of configuration, but they also reduce the overhead on the router. A BGP update process normally runs for each neighbor. If a peer group is configured, a single update process runs for all routers in the group. Notice that this means that all of the routers inside a peer group must be either all iBGP or all eBGP neighbors.

Basic neighbor configuration example:
R1(config)# router bgp 65300
R1(config-router)# neighbor 10.1.1.1 remote-as 65300
R1(config-router)# neighbor 10.1.2.1 remote-as 65300
R1(config-router)# neighbor 10.1.3.1 remote-as 65300

Peer group configuration example:
R1(config)# router bgp 65300
R1(config-router)# neighbor MINE peer-group
R1(config-router)# neighbor MINE remote-as 65300
R1(config-router)# neighbor 10.1.1.1 peer-group MINE
R1(config-router)# neighbor 10.1.2.1 peer-group MINE
R1(config-router)# neighbor 10.1.3.1 peer-group MINE

BGP Source Address

R1 in the diagram below has two different options when it comes to peering to R2. It can peer to the physical interface IP address, 10.1.1.2, or it can peer to R2's loopback interface, 192.168.2.2.

If a peer relationship is made using the physical interface as the source address, problems can occur if the interface goes down. In this scenario, even if R2's 10.1.1.2 interface drops, it still has connectivity to R2's networks via R3 and R2's other physical interface. Even though an IGP would still show R2's network as accessible, the BGP peer relationship would drop because R1 cannot reach its peering address with R2.

Most implementations recommend using a loopback address as the BGP source address for this reason. Remember that the loopback address must be added to the IGP running for this to work. This way, if R2's 10.1.1.2 interface fails, R2 will still be reachable.
The update-source command accomplishes this.

Here's an example:
R1(config)# router bgp 65400
R1(config-router)# neighbor 192.168.2.2 remote-as 65400
R1(config-router)# neighbor 192.168.2.2 update-source loopback0

R2(config)# router bgp 65400
R2(config-router)# neighbor 192.168.1.1 remote-as 65400
R2(config-router)# neighbor 192.168.1.1 update-source loopback0

Defining Networks

Network statements in BGP are used differently than in other routing protocols like EIGRP or OSPF. EIGRP and OSPF use the network statements to define which interfaces you want to participate in the routing protocol process.

BGP uses network statements to define which networks the local router should advertise. Each network doesn't have to be originating from the local router, but the network must exist in the routing table. The optional mask keyword is often recommended as BGP supports subnetting and supernetting.

Example:
R1(config)# router bgp 65300
R1(config-router)# neighbor 10.1.1.1 remote-as 65300
R1(config-router)# network 10.1.1.0 mask 255.255.255.0
R1(config-router)# neighbor 10.1.2.1 remote-as 65300
R1(config-router)# network 10.1.2.0 mask 255.255.255.0

Understand that by default a BGP router will not advertise a network learned from one iBGP peer to another. This is why iBGP is not a good replacement for an IGP like EIGRP and OSPF.

BGP Path Selection

Unlike most other routing protocols, BGP is not concerned with using the fastest path to a given destination. Instead, BGP assigns a long list of attributes to each path. Each of these attributes can be administratively tuned for extremely granular control of route selections.

BGP also does not load balance across links by default. To select the best route, BGP uses the criteria in the following order:
1. Highest weight
2. Highest local preference
3. Choose routes originated locally
4. Path with the shortest AS path
5. Lowest origin code (i < e < ?)
6. Lowest MED
7. eBGP route over iBGP route
8. Route with nearest IGP neighbor (lowest IGP metric)
9. Oldest route
10. Neighbor with the lowest router ID
11. Neighbor with the lowest IP address

Controlling Path Selection

The most common method of controlling the attributes listed above is to use route maps. This allows specific attributes to be changed on specific routes. Before we get into route maps, let's first discuss the three prominent attributes: weight, local preference, and MED.

Weight

On Cisco routers, weight is the most influential BGP attribute. The weight attribute is proprietary to Cisco and is normally used to select an exit interface when multiple paths lead to the same destination. Weight is local and is not sent to other routers. It can be a value between 0-65,535. 0 is the default. In the example below, if you want R2 to prefer to use R1 when sending traffic to 192.168.20.0, then the weight attribute could be raised on R2 for R1.

R2(config)# router bgp 65100
R2(config-router)# neighbor 10.1.1.1 remote-as 65100
R2(config-router)# neighbor 10.2.2.1 remote-as 65100
R2(config-router)# neighbor 10.1.1.1 weight 100

Local Preference

Local preference is not proprietary to Cisco and can be used in a similar fashion to weight. It can be set for the entire router or for a specific prefix. Local preferences can range from 0-4,294,967,295, with 100 being the default value. Unlike weight, local preference is propagated to iBGP neighbors.
Using the diagram above, if an administrator wanted R2 to use R1 when sending traffic to 192.168.20.0, the configuration would look something like this:

R1(config)# router bgp 65100
R1(config-router)# bgp default local-preference 500

After the local preference is raised on R1, it will be shared with R2 and R2 will begin using it as its best path to the distant network (assuming the weight is the same, of course). If you want to set the local preference on specific prefixes, route maps are usually the best option. Below is an example of the local preference being set using a route map:

R7(config)# router bgp 200
R7(config-router)# neighbor 10.10.10.1 remote-as 100
R7(config-router)# neighbor 10.10.10.1 route-map lp_example in
R7(config-router)# exit
R7(config)# access-list 7 permit 10.30.30.0 0.0.0.255
R7(config)# route-map lp_example permit 10
R7(config-rmap)# match ip address 7
R7(config-rmap)# set local-preference 300
R7(config-rmap)# exit
R7(config)# route-map lp_example permit 20
R7(config-rmap)# set local-preference 100

MED

The MED attribute, or multi-exit discriminator, is used to influence which path external neighbors use to enter an AS. MED is also much farther down on the attribute list, so attributes like weight, local preference, AS path length, and origin are used first. The default MED value is 0 and a lower value is preferred. A common scenario for MED is when a company has two connections to the same ISP for internet.

Weight or local preference could be used to send outgoing traffic on the higher bandwidth link, but local preference is not shared with routers outside an AS.
MED could be set on one router so ISP routers prefer that path in.

To set the MED on all routes:
R1(config-router)# default-metric value

Here's an example using a route map to influence incoming paths to 10.30.30.0/24 using MED:

R7(config)# router bgp 200
R7(config-router)# neighbor 10.10.10.1 remote-as 200
R7(config-router)# neighbor 10.10.10.1 route-map med_example out
R7(config-router)# exit
R7(config)# access-list 7 permit 10.30.30.0 0.0.0.255
R7(config)# route-map med_example permit 10
R7(config-rmap)# match ip address 7
R7(config-rmap)# set metric 50
R7(config-rmap)# exit
R7(config)# route-map med_example permit 20
R7(config-rmap)# set metric 150

Verification

It's important that you understand and are able to interpret the results of the show ip bgp command output. It displays the contents of the local BGP topology database, including the attributes assigned to each network. It is perhaps the most important BGP verification and troubleshooting tool!

Because BGP uses many attributes and sources routes in a number of ways, the output of the show ip bgp command can be a bit overwhelming if you don't know what you are looking for.

R1# show ip bgp
BGP table version is 21, local router ID is 10.0.22.24
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.0.0         0.0.0.0                  0         32768 ?
*  10.2.0.0         10.0.22.25              10             0 25 ?
*>                  0.0.0.0                  0         32768 ?
*  10.0.0.0         10.0.22.25              10             0 25 ?
*>                  0.0.0.0                  0         32768 ?
*> 192.168.0.0/16   10.0.22.25              10             0 25 ?

Attributes

Here's a breakdown of some important fields you should consider remembering:

* - An asterisk in the first column means that the route has a valid next hop.

s (suppressed) - BGP is not advertising the network, usually because it is part of a summarized route.

> - Indicates the best route for a particular destination. These will end up in the routing table.

i (internal) - If the third column has an i in it, it means the network was learned from an iBGP neighbor. If it is blank, it means the network was learned from an external source.

0.0.0.0 - The fifth column shows the next hop address for each route. A 0.0.0.0 indicates the local router originated the route (examples include a network command entered locally or a network an IGP redistributed into BGP on the router).

Metric (MED value) - The column titled Metric represents the configured MED values.
Recall that 0 is the default and if another value exists, lower is preferred.

i/? - The last column displays information on how BGP originally learned the route. In the example above is used for each route meaning they were all redistributed routes into BGP from an IGP. The other option is a question mark, which indicates that network commands were used to configure the route.
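
The eleven-step order from the BGP Path Selection section, walked in code so that the step deciding between candidate paths is visible. This is an added example, not part of the original guide and not Cisco's implementation; the Path fields, the function best_path and the sample paths are assumptions, and every attribute is compared across all candidates exactly as the list reads.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # origin code order from the list: i < e < ?

@dataclass
class Path:
    name: str
    neighbor_ip: str
    router_id: str
    as_path: tuple = ()
    weight: int = 0           # default
    local_pref: int = 100     # default
    local_origin: bool = False
    origin: str = "i"
    med: int = 0              # default
    ebgp: bool = True
    igp_metric: int = 0
    age_seconds: int = 0

# Steps in order; the lowest key wins, so "highest wins" attributes are negated.
STEPS = [
    ("highest weight", lambda p: -p.weight),
    ("highest local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.local_origin),
    ("shortest AS path", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("lowest MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: not p.ebgp),
    ("lowest IGP metric", lambda p: p.igp_metric),
    ("oldest route", lambda p: -p.age_seconds),
    ("lowest router ID", lambda p: int(IPv4Address(p.router_id))),
    ("lowest neighbor IP", lambda p: int(IPv4Address(p.neighbor_ip))),
]

def best_path(paths):
    """Return (winning Path, name of the step that eliminated the last rival)."""
    candidates = list(paths)
    if len(candidates) < 2:
        return (candidates[0] if candidates else None), "only candidate"
    for step, key in STEPS:
        low = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == low]
        if len(candidates) == 1:
            return candidates[0], step
    return candidates[0], "tie on every step"

# Constructed sample: R2's two paths to 192.168.20.0, weight 100 set on 10.1.1.1.
VIA_R1 = Path("via R1", "10.1.1.1", "10.1.1.1", as_path=(65200, 65300), weight=100)
VIA_R3 = Path("via R3", "10.2.2.1", "10.2.2.1", as_path=(65200,))
```

Calling best_path([VIA_R1, VIA_R3]) selects the path via R1 at the weight step even though the path via R3 has the shorter AS path, which is why weight and local preference are the usual tuning knobs for outbound traffic.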